Why Google Wants You To Secure Your Website

Why Google Wants You To Secure Your Website

Google announced last year that they would be implementing changes to their Chrome browser that will help identify websites as either “Secure” or “Not Secure”. But what does that mean, and why should you secure your website? We’ll explain…

HTTP

When you visit a website, your browser looks up where that website is located and connects to that server. Data is then sent from the server to your browser using the Hyper Text Transfer Protocol, or HTTP. Programming code, content and images are all sent via HTTP and your browser then interprets that information and displays the page accordingly.

There are 2 big issues with this process:

There’s no way to verify that you’re connected to the right server. For instance, you might think you’ve accessed your bank’s website, but you’re actually on a compromised network that’s redirecting you to an imposter website.

Transmitted data isn’t encrypted, so a third-party eavesdropper could easily intercept that information.

HTTPS

So, what’s the solution? Hyper Text Transfer Protocol Secure, or HTTPS. HTTPS is much more secure than HTTP:

When you connect to an HTTPS site, your browser checks the website’s security certificate and verifies that it was issued by a legitimate authority.

When you send sensitive data over HTTPS, no one can eavesdrop on it while in transit.

You can identify sites using HTTPS (like our website) by looking at your browser’s address bar and finding one or more of these indicators:

Green padlock icon

“Secure” text

The site address begins with https:// (not http://)

While HTTPS was originally intended for securing sensitive data like passwords and online payments, Google is helping to push more of the web toward better security. Why? For starters, it helps to protect your privacy while browsing. It will also keep outside influencers, such as your Internet service provider, from tampering with the content you’re viewing.

How To Use HTTPS

In order to transmit your website data via HTTPS, you need to use a Secure Socket Layer (SSL) Certificate. In the past, this would require you to purchase an SSL from a certificate authority and install it on your server. You would also be responsible for renewing your certificate yearly.

Because this process was not very user-friendly, new methods have been developed to make HTTPS easier to implement. In fact, we have been busy this year moving many of our clients to new servers that have built-in SSL installations. This allows us to offer HTTPS security to all of the websites we host and maintain.

Do You Really Need A Secure Website?

At this time, Google Chrome will show “Not Secure” only on pages that contain form input fields. However, soon Chrome will begin showing “Not Secure” on every page of sites that aren’t protected by an SSL. How do you feel about your website visitors always knowing that your website isn’t secure? And, worse yet, what happens if your competitors’ sites are secure?

Google has also stated that secure websites will benefit from better SEO rankings as well. Additionally, HTTPS is a requirement of the new HTTP/2 protocol, which has been developed to make websites load much more quickly. Faster loading times also boost your site’s SEO.

If you have any questions about securing your website, please don’t hesitate to contact us.